Tools
Sorted by:
Try your query at:
 |
 |
 |
 |
 |
 |
Results 1 - 10
of
1,863
A trust management approach for flexible policy management in security-typed languages. http://elephant.cs.uiuc.edu/ sbandha2/publications/ccs07.pdf
"... Early work on security-typed languages required that legal information flows be defined statically. More recently, techniques have been introduced that relax these assumptions and allow policies to change at run-time. For example, the Rx language uses a policy language based on RT, a trust managemen ..."
Abstract
-
Cited by 9 (0 self)
- Add to MetaCart
Early work on security-typed languages required that legal information flows be defined statically. More recently, techniques have been introduced that relax these assumptions and allow policies to change at run-time. For example, the Rx language uses a policy language based on RT, a trust
Managing policy updates in security-typed languages
- In CSFW’06: the 19th IEEE Computer Security Foundations Workshop
, 2006
"... This paper presents RX, a new security-typed programming language with features intended to make the management of information-flow policies more practical. Security labels in RX, in contrast to prior approaches, are defined in terms of owned roles, as found in the RT rolebased trust-management fram ..."
Abstract
-
Cited by 27 (6 self)
- Add to MetaCart
This paper presents RX, a new security-typed programming language with features intended to make the management of information-flow policies more practical. Security labels in RX, in contrast to prior approaches, are defined in terms of owned roles, as found in the RT rolebased trust-management
Decentralized Trust Management
- In Proceedings of the 1996 IEEE Symposium on Security and Privacy
, 1996
"... We identify the trust management problem as a distinct and important component of security in network services. Aspects of the trust management problem include formulating security policies and security credentials, determining whether particular sets of credentials satisfy the relevant policies, an ..."
Abstract
-
Cited by 1025 (24 self)
- Add to MetaCart
approach to trust management, based on a simple language for specifying trusted actions and trust relationships. It also describes a prototype implementation of a new trust management system, called PolicyMaker, that will facilitate the development of security features in a wide range of network services
Integrating SELinux with Security-typed Languages
- ANNUAL SECURITY ENHANCED LINUX SYMPOSIUM
, 2007
"... Traditionally, operating systems have enforced MAC and information flow policies with minimal dependence on application programs. However, there are many cases where systems depend on user-level programs to enforce information flows. Previous approaches to handling this problem, such as privilege-se ..."
Abstract
-
Cited by 4 (1 self)
- Add to MetaCart
-separation of application components or assuming trust in application information flow enforcement, are prone to error and cumbersome to manage. On the other hand, recent advances in the area of security-typed languages have enabled the development of realistic applications with formally and automatically verified
The Ponder Policy Specification Language
- LECTURE NOTES IN COMPUTER SCIENCE
, 2001
"... The Ponder language provides a common means of specifying security policies that map onto various access control implementation mechanisms for firewalls, operating systems, databases and Java. It supports obligation policies that are event triggered conditionaction rules for policy based management ..."
Abstract
-
Cited by 499 (28 self)
- Add to MetaCart
The Ponder language provides a common means of specifying security policies that map onto various access control implementation mechanisms for firewalls, operating systems, databases and Java. It supports obligation policies that are event triggered conditionaction rules for policy based management
Matchmaking: Distributed Resource Management for High Throughput Computing
- In Proceedings of the Seventh IEEE International Symposium on High Performance Distributed Computing
, 1998
"... Conventional resource management systems use a system model to describe resources and a centralized scheduler to control their allocation. We argue that this paradigm does not adapt well to distributed systems, particularly those built to support high-throughput computing. Obstacles include heteroge ..."
Abstract
-
Cited by 435 (20 self)
- Add to MetaCart
approach to resource management in distributed environment with decentralized ownership of resources. Novel aspects of the framework include a semi-structured data model that combines schema, data, and query in a simple but powerful specification language, and a clean separation of the matching
Design of a role-based trust management framework
- In Proceedings of the 2002 IEEE Symposium on Security and Privacy
, 2002
"... We introduce the RT framework, a family of Rolebased Trust-management languages for representing policies and credentials in distributed authorization. RT combines the strengths of role-based access control and trustmanagement systems and is especially suitable for attributebased access control. Usi ..."
Abstract
-
Cited by 362 (42 self)
- Add to MetaCart
We introduce the RT framework, a family of Rolebased Trust-management languages for representing policies and credentials in distributed authorization. RT combines the strengths of role-based access control and trustmanagement systems and is especially suitable for attributebased access control
A Survey of Trust in Internet Applications
, 2000
"... Trust is an important aspect of decision making for Intemet applications and particularly influences the specification of security policy i.e. who is authorised to perform actions as well as the techniques needed to manage and implement security to and for the applications. This survey examines the ..."
Abstract
-
Cited by 310 (5 self)
- Add to MetaCart
Trust is an important aspect of decision making for Intemet applications and particularly influences the specification of security policy i.e. who is authorised to perform actions as well as the techniques needed to manage and implement security to and for the applications. This survey examines
Trusted Declassification -- High-level policy for a security-typed language
, 2006
"... Security-typed languages promise to be a powerful tool with which provably secure software applications may be developed. Programs written in these languages enforce a strong, global policy of noninterference which ensures that high-security data will not be observable on low-security channels. Beca ..."
Abstract
-
Cited by 31 (13 self)
- Add to MetaCart
Security-typed languages promise to be a powerful tool with which provably secure software applications may be developed. Programs written in these languages enforce a strong, global policy of noninterference which ensures that high-security data will not be observable on low-security channels
Conflicts in Policy-based Distributed Systems Management
- IEEE Transactions on Software Engineering
, 1999
"... Modern distributed systems contain a large number of objects, and must be capable of evolving, without shutting down the complete system, to cater for changing requirements. There is a need for distributed, automated management agents whose behavior also has to dynamically change to reflect the evol ..."
Abstract
-
Cited by 253 (17 self)
- Add to MetaCart
at the organizational level (c.f. goals) and then refined to implementable actions. We are concerned with two types of policies. Authorization policies specify what activities a manager is permitted or forbidden to do to a set of target objects and are similar to security accesscontrol policies. Obligation policies
Results 1 - 10
of
1,863
